Ben,
Just a note that the official source that Olivier posted for LDAP support is here: http://opensource.atlassian.com/projects/spring/browse/SPR-362
The one's we're using, which are slightly modified (to include LdapDaoSupport) are here: http://www.uportal.org/cgi-bin/viewcvs.cgi/cas3/adaptors/ldap/src/main/java/org/springframework/ldap/
I don't believe there are any Test Cases though which could be an issue.
-Scott
Ben Alex wrote:
Robert r. Sanders wrote:
While I don't have a huge amount of spare time, I would be glad to look over any list of tasks you have and see if I could fit any of them in. I tried to look on the sourceforge site and see if there were any bug/feature lists but couldn't find any.
Hi Robert
Given your recent interest in the LDAP module, and its significant usefulness to the wider community, I think that's good feature to move from sandbox to core. Some things that might need doing in that regard include checking the forums for past LDAP contributions (to check the current LDAP DAO provides equivalent features), a description for the reference guide, and a unit test. Re unit testing, the problem is the difficulty of needing an LDAP server to respond to the requests. I see a few approaches that we could investigate:
- Expect an LDAP server to be running. A Win32 port of OpenLDAP is available at http://lucas.bergmans.us/hacks/openldap/. I wouldn't mind if it was a prerequisite that the server was already running, with a base schema and users already in the directory. In this case we might make the LDAP module a separate Maven subproject so that it doesn't interfere with core's unit tests.
- Look at Apache Directory Server. Maybe it could be loaded in-memory during the test. I haven't looked into it, but this is attractive being an all-Java solution. http://incubator.apache.org/directory/
- Review Olivier Jolly's LDAP support classes at http://www.uportal.org/cgi-bin/viewcvs.cgi/cas3/adaptors/ldap/src/. I took a look and they seem interesting - probably worth using in our LDAP DAO interface anyway just for completeness. Perhaps we could mock one or two of the key interfaces and not use an LDAP server at all.
I'm quite keen on getting this LDAP issue sorted out, so any time you could invest in that would be greatly appreciated. Here is the remainder of my TODO list (not all of which will be done before 0.8.0 or even at all). I am working on the three items marked ***:
*** Digest authentication (for WebDAV compliance) http://www.ietf.org/rfc/rfc2069.txt
*** Anonymous user provider, so there's no need to exclude web URIs http://forum.springframework.org/viewtopic.php?t=1925
*** Remember me functionality
http://sourceforge.net/mailarchive/forum.php?thread_id=5177499&forum_id=40659
http://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice
Chain AuthenticationDao / AuthenticationProvider (regular forum question)
Eliminate hard-coded exceptions in AbstractProcessingFilter (replace with a pluggable resolver that is wired via a property editor)
Certificate integration
(seems complicated as exchange happens in container-level SSL/TLS handshake)
Prevent concurrent logins via a session listener
(committed new WebAuthenticationDetails which stores session ID in Authentication)
JMX of cache hits/misses, password failures, prevent user logins not holding certain role
http://opensource.atlassian.com/confluence/spring/display/DOC/Exposing+your+Beans
Tiger annotations
(or just wait for Spring to provide guidance on how it will approach this)
DB source ObjectDefinitionSource (or just let Spring do it at container level)
JOSSO Integration
(good marketing benefit for software developers wanting pluggable SSO solutions)
SecureID Integration
Any help appreciated!
Ben
------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Home: http://acegisecurity.sourceforge.net Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Home: http://acegisecurity.sourceforge.net Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
